]]>
今天更新?jin)KernelQ编写了(jin)一个Kernel的Print函数Qvoid kprint(char *); 好久没有更新?jin),唉,q年?jin),事情太多了(jin),没办法,串亲戚,会(x)朋?......
]]>
]]>
]]>
]]>
]]>
org 0x100
[bits 16]
jmp loaderStart
_GRAPH_SEG_OFFSET_ equ 0xb800
_RootEntCnt_ equ 0xe0
BS_OEMName db 'XXXXXXXX'
BPB_BytsPerSec dw 0x200
BPB_SecPerClus db 1
BPB_RsvdSecCnt dw 1
BPB_NumFATs db 2
BPB_RootEntCnt dw _RootEntCnt_
BPB_totSec16 dw 0xb40
BPB_Media db 0xf0
BPB_FATSz16 dw 9
BPB_SecPerTrk dw 0x12
BPB_NumHeads dw 2
BPB_HiddSec dd 0
BPB_totSec32 dd 0
BS_DrvNum db 0
BS_Reserved1 db 0
BS_BootSig db 0x29
BS_VolID dd 0
BS_VolLab db '11111111111'
BS_FileSysType db 'FAT12 (tng) (tng) '
parameters:
(tng)screenPo dd 0
(tng)STR_LEN equ 12
(tng)bootStr db 'Loading... (tng) '
(tng)noLoaderStr db 'No Kernel...'
(tng)ready db 'Ready (tng) (tng) (tng) (tng) (tng) (tng) '
(tng)KernelBase equ 0x8000
(tng)KernelOffset equ 0x0
(tng)rootEntryNum db _RootEntCnt_
(tng)loaderName db 'KERNEL (tng) BIN'
loaderStart:
(tng)mov ax,cs
(tng)mov ds,ax
(tng)mov es,ax
(tng)mov ss,ax
(tng)mov sp,0100
(tng)mov ax,_GRAPH_SEG_OFFSET_
(tng)mov gs,ax
(tng)
(tng)mov dh,0
(tng)call displayStr
(tng)
(tng)xor ah,ah
(tng)mov dl,[BS_DrvNum]
(tng)int 0x13
(tng)
(tng)mov ax,KernelBase
(tng)mov es,ax
(tng)mov bx,0
(tng)mov ax,19
(tng)mov cl,14
(tng)call readSector
(tng)
(tng)
(tng)xor edi,edi
(tng)
anotherFile:
(tng)xor esi,esi
(tng)cmp byte [rootEntryNum],0
(tng)je noLoader
(tng)
nextChar:
(tng)mov al,byte [es:edi]
(tng)cmp byte [ds:loaderName+si],al
(tng)jne notThisFile
(tng)cmp si,10
(tng)je found
(tng)inc esi
(tng)inc edi
(tng)jmp nextChar
(tng)
(tng)notThisFile:
(tng)shr edi,5
(tng)inc edi
(tng)shl edi,5
(tng)dec byte [rootEntryNum]
(tng)jmp anotherFile
(tng)
noLoader:
(tng)mov dh,1
(tng)call displayStr
(tng)jmp $
(tng)
found:
(tng)mov dh,2
(tng)call displayStr
(tng)
(tng)mov ax,word [es:edi+(0x10)]
(tng)mov cl,1
(tng)
(tng)push ax
(tng)mov ax,KernelBase
(tng)mov es,ax
(tng)mov ebx,KernelOffset
(tng)pop ax
(tng)
(tng)readEntry:
(tng)
(tng)cmp ax,0xfff
(tng)je readEnd
(tng)push ax
(tng)add ax,19+14-2
(tng)call readSector
(tng)pop ax
(tng)
(tng)add ebx,512
(tng)call getFATEntry
(tng)
(tng)jmp readEntry
(tng)readEnd:
(tng)
(tng)jmp toProtectMode
displayStr:
(tng); dh: String index
(tng)push cx
(tng)push ax
(tng)push bx
(tng)push esi
(tng)push edi
(tng)mov cx,STR_LEN
(tng)mov edi,dword [screenPo]
(tng)mov esi,bootStr
(tng)xor eax,eax
(tng)mov al,dh
(tng)mov bl,STR_LEN
(tng)mul bl
(tng)add esi,eax
(tng).1:
(tng)lodsb
(tng)mov [gs:edi],al
(tng)inc edi
(tng)inc edi
(tng)loop .1
(tng)
(tng)mov dword [screenPo],edi
(tng)pop edi
(tng)pop esi
(tng)pop bx
(tng)pop ax
(tng)pop cx
(tng)ret
readSector: ;ax: starting sector cl:number of sectors
(tng); ah 0x2 (tng) (tng) (tng) (tng) (tng) (tng) (tng) (tng) (tng) al:number of sector to read
(tng); (tng) (tng) (tng) (tng) (tng)bx: es:bx
(tng); ch:cylinder (tng) (tng) (tng)cl:start sector
(tng); dh:head (tng)num (tng) (tng) (tng)dl:Drive
(tng)push bp
(tng)mov bp,sp
(tng)push cx
(tng)push dx
(tng)push ax
(tng)
(tng)mov dl,[BPB_SecPerTrk]
(tng)div dl
(tng)mov cl,ah
(tng)inc cl
(tng)
(tng)mov ch,al
(tng)shr ch,1
(tng)
(tng)mov dh,al
(tng)and dh,1
(tng)
(tng)mov dl,byte [BS_DrvNum]
(tng)
(tng).1:
(tng)mov ah,2
(tng)mov al,byte [bp-2]
(tng)int 0x13
(tng)jc .1
(tng) (tng)
(tng)pop ax
(tng)pop dx
(tng)pop cx
(tng)pop bp
(tng)ret
(tng)
getFATEntry:
(tng)FATBaseInMem equ 0x7000
(tng);ax is the entry number
(tng);return ax is the next entry
(tng)
(tng)push es
(tng)push bx
(tng)push dx
(tng)push cx
(tng)
(tng)mov bx,FATBaseInMem
(tng)mov es,bx
(tng)
(tng)mov bx,3
(tng)mul bx ;dx:ax
(tng)mov bx,2
(tng)div bx ;dx is the rest
(tng)push dx
(tng)
(tng)xor dx,dx
(tng)mov bx,[BPB_BytsPerSec]
(tng)div bx
(tng)mov cl,2
(tng)xor bx,bx
(tng)add ax,1
(tng)call readSector
(tng)mov bx,dx; mov byte index
(tng)
(tng)pop dx
(tng)xor ax,ax
(tng)cmp dx,0
(tng)jne oddPart
(tng)
(tng)mov ax,word [es:bx]
(tng)and ax,0x0fff
(tng)
(tng)jmp after
(tng)oddPart:
(tng)
(tng)mov ax,word [es:bx]
(tng)shr ax,4
(tng)after:
(tng)pop cx
(tng)pop dx
(tng)pop bx
(tng)pop es
(tng)
(tng)ret
(tng)
(tng)
toProtectMode:
(tng)jmp start
(tng)
%macro Descriptor 3
(tng)dw %2 & 0xffff
(tng)dw %1 & 0xffff
(tng)db (%1 >> 16) & 0xff
(tng)dw ((%2 & 0x0f0000) >> 8) | (%3 & 0xf0ff)
(tng)db (%1 >> 24) & 0xff
%endmacro
DummyGDT: Descriptor 0,0,0
CodeGDT: Descriptor 0,0xfffff,1100000010011010b
DataGDT: Descriptor 0,0xfffff,1000000010010010b
ScreenGDT: Descriptor 0xb8000,0xffff,0000000010010010b
GDTPtr dw $-DummyGDT-1
(tng)dd 0x9000*0x10+DummyGDT
CodeSelector equ CodeGDT-DummyGDT
DataSelector equ DataGDT-DummyGDT
ScreenSelector equ ScreenGDT-DummyGDT
start:
(tng)call killMotor
(tng)cli
(tng)mov dh,2
(tng)call displayStr
(tng)
(tng)lgdt [GDTPtr]
(tng)
(tng)in al,0x92
(tng)or al,10b
(tng)out 0x92,al
(tng)
(tng)mov eax,cr0
(tng)or eax,1
(tng)mov cr0,eax
(tng)
(tng)jmp dword CodeSelector:(0x9000*0x10+ProtectMode)
killMotor:
(tng)push dx
(tng)mov dx,0x3f2
(tng)mov al,0
(tng)
(tng)out dx,al
(tng)pop dx
(tng)ret
[bits 32]
ProtectMode:
(tng)mov ax,ScreenSelector
(tng)mov gs,ax
(tng)xor edi,edi
(tng).again:
(tng)inc byte [gs:edi]
(tng)jmp .again
]]>
盘-->可用内存-->昑֭
应该是这样吧Q现在我仅仅是感性理解,需要将来看一些深入的书籍来了(jin)解?/font>
]]>
mov ah,0
mov dl,0
int 0x13
mov ax,0x7f0
mov es,ax
mov ah,2
mov ch,0
mov dh,0
mov al,1
mov cl,2
mov dl,0
mov ebx,0
int 0x13
mov ax,0xb800
mov gs,ax
jmp 0x7f00
times 510-($-$$) db 0
dw 0xaa55
again:
.1:
inc byte [gs:8]
jmp .1
times 1024-($-$$) db 0
q个E序的执行成功说明有一D늚内存地址是不能够被int 0x13讉K的。但是具体是Z么需要进一步思考?/p>
mov ah,0
mov dl,0
int 0x13
mov ax,0x7d00; original: mov ax,0xb800
mov es,ax
mov ah,2
mov ch,0
mov dh,0
mov al,1
mov cl,1
mov dl,0
mov ebx,0
int 0x13
mov ah,0x4c
int 0x21
q么短短的程?在原先把盘W一扇区的数据蝲入到B800Q?000从屏q显C出来却执行完成后B800Q?000却没有数据,而如果修改了(jin)地址?d00却可以,q是Z么呢Q?/font>
]]>
]]>
]]>
;下面的程序功能是?个页中写入不同的字符Q最后在各个中切换?BR>
;******************************************
;Copy Right Xiaoshuang Wang
;B.F.U
;2005
; 转蝲请保留此部分
;******************************************
org 0x7c00
bootStart:
xor ax,ax
mov ds,ax
mov ss,ax
mov sp,0x7c00
mov bp,sp
; Init the DRIVE
; Boot drive number is stored in DX(lower part)
mov [drive],dl
again:
mov cx,200
againChar:
call putString
loop againChar
mov al,[page]
inc al
mov [page],al
cmp al,0x8
jne again
mov cx,0x9
xor al,al
mov [page],al
check:
mov ah,0x05
int 0x10
xor ah,ah
int 0x16
mov al,[page]
inc al
mov [page],al
loop check
db 0xea
dw 0x0000, 0xffff
data db '012345678'
putString:
mov si,[page]
mov al,[data+si]
mov ah,0x0a
mov bl,0x07
mov bh,[page]
int 0x10
retn
;************************
; Here are the data part
;************************
drive db 0
page db 0
times 510-($-$$) db 0
dw 0xaa55
]]>
我用nasm~写?jin)一个Bin文gQ利用VMware把这个Bin文g作ؓ(f)一个Y盘镜像,实际上,q个“Y盘”只?12字节。结果我利用BIOS中断得到的这个“Y盘”的数据却是......Q如上图Q。算下来Q大概有1.44M的空_(d)可实际上只有512字节啊。BIOS中断获得盘数据I竟是怎么工作的呢Q暂时一个谜......
]]>
高八?nbsp; 低八?BR> 功能 ASCII?BR> AX= 0x0E
号 前景?BR> BX= 0x00Q?nbsp;
Q各个页有什么不同?Q?/FONT>
]]>